First published: Mon Mar 17 2008(Updated: )
zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zabbix Server | =1.1.2 | |
Zabbix Server | =1.1.3 | |
Zabbix Server | =1.1.4 | |
Zabbix Server | =1.1.5 | |
Zabbix Server | =1.4.2 | |
Zabbix Server | =1.4.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2008-1353 is considered to be high due to its potential for denial of service attacks.
To fix CVE-2008-1353, you should upgrade Zabbix to a version higher than 1.4.4 that addresses this vulnerability.
CVE-2008-1353 affects Zabbix versions 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.4.2, and 1.4.3.
CVE-2008-1353 allows remote attackers to conduct denial of service attacks through specific commands targeting resource consumption.
Yes, CVE-2008-1353 is a remote vulnerability that can be exploited by attackers without physical access to the affected system.